An anonymous reader writes: Windows 8 has been confirmed to not only ignore, but also modify the hosts file. As soon as a website that should be blocked is accessed, the corresponding entry in the hosts file is removed, even if the hosts file is read-only. The hosts file is a popular, cross-platform way of blocking access to certain domains, such as ad-serving websites, but now that Microsoft clearly wants to control your web browsing experience, the practice not be that cross-platform anymore.

First off the article totally underestimates the use of the hosts file. This is what existed before DNS and I still use it for my home network and non-dns based routes. Anyway what's doing this according to the update in the article is Windows Defender which cleans the hosts file automatically to prevent malware from redirected people. Since Defender can be disabled this is likely a feature not a bug.

That gets to the issue of what security tools should do. For the average user what are they supposed to do with a message like "Windows Defender has detected invalid links in your hosts file, which is used in domain name resolution. Should it change these to match your ISP's name server's settings or leave them alone?"

They can't answer that. A question can't be the default since the vast majority of the time the person getting the question can't answer the question. Heck, the person who wrote the articl

It is worth considering that I might dis-able an ad server in hosts (a very common technique BTW) because it has a reputation for ads with malware attached. Remove that block and my security is decreased.

The question to ask would be "one or more domains have been altered by placing entries in the hosts file. Did you do that on purpose? (if you don't understand the question, choose no)". Just to be sure, also provide an OK button for the user to click without thought that allows removing the entry.

They could find out about it if it will kindly announce itself. It would also be more useful if it could be fine tuned rather than all or nothing.

It can be. That's what I was saying about going into the tools menu and changing allowed items.

The question to ask would be "one or more domains have been altered by placing entries in the hosts file. Did you do that on purpose? (if you don't understand the question, choose no)". Just to be sure, also provide an OK button for the user to click without thought

I wonder, where does it gets the answers?I wonder, how does it validates them as correct?

Inside many companies the internal host names and addressesare managed with care via local DNS to give correct answersinside the firewall without busting the device when the sales forceis outside the firewall making a house call. Via VPN insideanswers no VPN outside answers.

Other companies use proxy servers to tinker with, manage,measure and filter web access. I wonder, how does that interact?